Privacy Policy

When you use VibeTrace, we collect the following information:

• Website URLs: The URLs you submit for scanning
• Scan Results: The security scan reports generated for your websites
• Technical Information: IP address, browser type, and timestamp of requests
• Usage Analytics: Anonymous usage statistics to improve our service

If your scan reveals vulnerabilities, we may prompt you to provide your email address to receive a detailed report. We collect this email address for the sole purpose of sending you this one-time report.

Important: We will not sell your email, share it with third parties, or add you to any marketing lists without your separate, explicit consent. The email address is used exclusively for delivering your security report.

We use the collected information for the following purposes:

• Providing the security scanning service
• Generating and delivering scan reports
• Improving our scanning algorithms and service quality
• Monitoring for abuse and ensuring service stability
• Internal analytics to understand usage patterns

We do not:

• Sell your data to third parties
• Share your URLs or scan results with external parties
• Use your information for marketing purposes
• Store unnecessary personal information

Scan Results: We temporarily store scan results to provide you with the service. These results are automatically deleted after 24 hours.

URLs: Submitted URLs are processed in real-time and are not permanently stored unless required for abuse monitoring.

Logs: We keep anonymized server logs for up to 30 days for security and performance monitoring purposes.

We implement appropriate security measures to protect your information:

• HTTPS encryption for all data transmission
• Secure server infrastructure
• Regular security updates and monitoring
• Limited access to data on a need-to-know basis

However, no method of transmission over the internet is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.

VibeTrace uses minimal tracking:

• No persistent cookies are set
• No third-party tracking scripts
• No social media tracking pixels
• Basic server logs for security and performance monitoring only

Our scanning process may interact with external services:

• Target Websites: We make HTTP requests to the websites you ask us to scan
• DNS Services: Standard DNS lookups are performed as part of the scanning process
• External Callbacks: Some advanced tests may use external callback services for SSRF/XXE detection

We do not share your personal information with these services beyond what is necessary for the scanning process.

You have the right to:

• Request information about data we have collected about you
• Request deletion of your data (subject to our retention policies)
• Opt out of our service at any time
• Report any privacy concerns or data breaches